Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/sgq-LrzsVnBJakQFktqVjK5gIxE.roa
File: sgq-LrzsVnBJakQFktqVjK5gIxE.roa (raw, json)
Hash identifier: SFM5Gjbo2EeTvyMCAFJE3r3uxlGPSE+gIMbZtX03EHQ=
Subject key identifier: B2:0A:BE:2E:BC:EC:56:70:49:6A:44:05:92:DA:95:8C:AE:60:23:11
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0183E4E99406E38E17FDF7EB280266EEDCF0
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/sgq-LrzsVnBJakQFktqVjK5gIxE.roa
Signing time: Mon 17 Oct 2022 07:47:36 +0000
ROA not before: Mon 17 Oct 2022 07:47:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601::/32 maxlen: 32
2a11:601:f000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:e9:94:06:e3:8e:17:fd:f7:eb:28:02:66:ee:dc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Oct 17 07:47:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b20abe2ebcec5670496a440592da958cae602311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:45:4e:0a:d9:0f:72:73:1a:bc:48:48:d3:9f:
03:98:aa:20:ec:55:4a:c7:5e:64:68:d1:81:13:52:
aa:e4:0a:be:bc:cf:be:19:6e:82:38:a4:cd:c3:da:
c6:c0:d5:6c:4a:22:b9:6f:67:39:eb:df:97:75:55:
8e:58:33:e9:86:1a:63:8f:9a:a8:28:5a:bc:e9:ea:
2c:6a:85:d0:92:57:37:4f:d2:dd:c2:46:7c:0d:a0:
a6:50:67:13:71:21:58:a2:0b:63:65:9a:12:09:a6:
7a:aa:40:dc:5b:2c:4d:f4:9d:e6:90:db:ef:16:86:
f3:8f:63:5c:6d:5d:d7:03:2d:29:9c:07:d5:13:c4:
ad:84:b9:86:a1:9c:8e:58:c7:0d:e1:79:d1:0a:fe:
ff:78:60:9f:42:40:c5:aa:c9:c5:8c:65:4b:04:20:
98:fc:f1:6d:e5:57:5e:f5:27:0c:5c:f4:a7:b7:e7:
2e:a3:6f:15:03:05:9a:de:1c:93:a1:2c:b5:13:12:
3e:4b:f0:88:1a:30:f3:29:de:2d:d8:dc:8c:1a:a5:
e8:e1:75:49:53:b4:42:74:9c:8f:ef:46:e4:90:bf:
cb:d8:6d:ff:99:ab:d8:9b:e8:4e:57:ed:cc:30:35:
33:04:77:9b:b5:8d:c2:26:b5:5e:80:6e:07:89:37:
71:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0A:BE:2E:BC:EC:56:70:49:6A:44:05:92:DA:95:8C:AE:60:23:11
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/sgq-LrzsVnBJakQFktqVjK5gIxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:150::/48
2a11:601::/32
Signature Algorithm: sha256WithRSAEncryption
2c:41:60:9b:6f:72:a9:2c:9d:25:2b:21:fe:9a:c3:d0:6b:85:
cd:ab:01:54:12:cc:5e:6d:34:68:1f:82:f9:71:bf:4f:5d:24:
a1:9b:89:1d:19:88:12:93:87:bd:4c:ea:bf:aa:b1:dd:42:31:
1b:7b:14:b9:47:2b:0b:8d:14:14:6c:81:9a:21:65:f9:33:96:
48:d9:c1:a5:6a:d5:70:78:bf:f9:cc:a1:cc:90:18:dc:f1:e1:
29:d3:48:41:2e:4f:62:4e:ce:4f:bf:9c:37:31:4f:c3:11:bb:
25:1c:48:24:bd:75:fb:3b:a4:62:b7:c4:6f:f7:10:e3:36:7d:
db:a8:5e:69:fc:11:e3:e3:22:6b:2f:d8:26:af:38:b4:54:a4:
79:ac:78:d9:00:7d:25:ec:30:91:f2:62:32:6d:b6:3f:a1:f1:
23:9d:f4:74:8d:e8:ff:40:eb:54:7a:77:e4:7a:aa:32:9e:5e:
7e:26:6d:e9:4d:44:3a:ba:fc:ad:fb:14:9c:d3:58:a8:8e:b9:
77:d8:c2:f2:bf:e9:66:9a:fa:76:23:ab:d7:b3:49:7e:f7:4c:
60:86:06:93:72:15:d6:c2:3d:54:7c:6d:dc:8a:df:8d:2b:e7:
a1:0f:cd:28:a7:59:5a:ff:50:96:d2:44:4b:d5:e3:89:df:a8:
92:6e:cd:1e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYPk6ZQG444X/ffrKAJm7tzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjIxMDE3MDc0NzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBhYmUyZWJjZWM1NjcwNDk2YTQ0MDU5MmRhOTU4Y2FlNjAyMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUVOCtkPcnMavEhI058DmKog7FVK
x15kaNGBE1Kq5Aq+vM++GW6COKTNw9rGwNVsSiK5b2c569+XdVWOWDPphhpjj5qo
KFq86eosaoXQklc3T9LdwkZ8DaCmUGcTcSFYogtjZZoSCaZ6qkDcWyxN9J3mkNvv
Fobzj2NcbV3XAy0pnAfVE8SthLmGoZyOWMcN4XnRCv7/eGCfQkDFqsnFjGVLBCCY
/PFt5Vde9ScMXPSnt+cuo28VAwWa3hyToSy1ExI+S/CIGjDzKd4t2NyMGqXo4XVJ
U7RCdJyP70bkkL/L2G3/mavYm+hOV+3MMDUzBHebtY3CJrVegG4HiTdx2QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLIKvi687FZwSWpEBZLalYyuYCMRMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvc2dxLUxyenNWbkJKYWtRRmt0cVZqSzVnSXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKhEGAAFQ
AwUAKhEGATANBgkqhkiG9w0BAQsFAAOCAQEALEFgm29yqSydJSsh/prD0GuFzasB
VBLMXm00aB+C+XG/T10koZuJHRmIEpOHvUzqv6qx3UIxG3sUuUcrC40UFGyBmiFl
+TOWSNnBpWrVcHi/+cyhzJAY3PHhKdNIQS5PYk7OT7+cNzFPwxG7JRxIJL11+zuk
YrfEb/cQ4zZ926heafwR4+Miay/YJq84tFSkeax42QB9JewwkfJiMm22P6HxI530
dI3o/0DrVHp35HqqMp5efiZt6U1EOrr8rfsUnNNYqI65d9jC8r/pZpr6diOr17NJ
fvdMYIYGk3IV1sI9VHxt3IrfjSvnoQ/NKKdZWv9QltJES9Xjid+okm7NHg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:24 2025 by rpki-client